ADVERTISEMENT

FRST_21-05-2021 15.36.14.txt

Trojan wyłączenie usługi Windows update, centrum zabezpieczeń

Hej Ściągnąłem trojana Spyware.StolenData.E . Trojan został usunięty poprzez Malwarebytes Anti-Rootkit. Eset skaner On line powykrywał inne trojany usunięte. Skanowałem MBAM - wykrył trojana usunął, Zemana AntiMalware - wykrył robaki usunął, Dr.Web CureIt wykrył trojany usunął, Dr.Web CureIt live usb - nic, kasperski live usb - nic, TDSSKiller-nic. Przeskanowałem jeszcze raz nie ma nic. Niestety komputer wyraźnie "zwolnił" ;(( Wyłączone zostały przez robaki usługi Windows update błąd 0x80080005 (próby włączenia bezskuteczne), jak i centrum zabezpieczeń Windows, wyłączony jest Windows defender. Próby przywrócenia usług poprzez automatyczne rozwiązywanie problemów w WIN10 , ewe do defendera plikiem ze strony windowsa WinSecurity, kończą się błędem kod błedu: 0x80070005. Włączenie WD power shelu bezskuteczne. Załączam logi z FRST proszę o pomoc.


Download file - link to post

Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 19-05-2021
Uruchomiony przez Admin (administrator) FREELANCER (LENOVO 4180A32) (21-05-2021 15:32:12)
Uruchomiony z E:\aaaaprogramyinne
Załadowane profile: Admin & MSSQL$ELISOFT
Platform: Windows 10 Pro Wersja 20H2 19042.985 (X64) Język: Polski (Polska)
Domyślna przeglądarka: FF
Tryb startu: Normal

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(ESET, spol. s r.o. - & gt; ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. - & gt; ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Glarysoft LTD - & gt; Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\GUBootService.exe
(Google LLC - & gt; Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe & lt; 17 & gt;
(IBM - & gt; IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportHelper.exe
(IBM - & gt; IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(IBM - & gt; IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
(Intel(R) pGFX - & gt; Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel(R) pGFX - & gt; Intel Corporation) C:\Windows\System32\igfxpers.exe
(IP Izmaylov Artem Andreevich - & gt; AIMP DevTeam) C:\Program Files (x86)\AIMP\AIMP.exe
(Lenovo (Beijing) Limited - & gt; Lenovo Group Limited) C:\Users\Admin\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe
(Lenovo - & gt; ) C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Lenovo - & gt; Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_700aca387f1cbd51\driver\shtctky.exe
(Lenovo - & gt; Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_700aca387f1cbd51\driver\tphkload.exe
(Lenovo - & gt; Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_700aca387f1cbd51\driver\tpnumlkd.exe
(Lenovo - & gt; Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_700aca387f1cbd51\driver\tposd.exe
(Lenovo - & gt; Lenovo) C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe
(Lenovo - & gt; Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Malwarebytes Inc - & gt; Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc - & gt; Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation - & gt; Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation - & gt; Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL11.ELISOFT\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation - & gt; Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation - & gt; Microsoft Corporation) C:\Windows10Upgrade\Windows10UpgraderApp.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2012.21.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows - & gt; Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows - & gt; Microsoft Corporation) C:\Windows\System32\cmd.exe & lt; 2 & gt;
(Microsoft Windows - & gt; Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows - & gt; Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows - & gt; Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Renesas Electronics Corporation - & gt; Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Synaptics Incorporated - & gt; Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated - & gt; Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated - & gt; Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated - & gt; Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics Incorporated - & gt; Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(Windscribe Limited - & gt; Windscribe Limited) C:\Program Files (x86)\Windscribe\WindscribeService.exe
(Zemana D.O.O. Sarajevo - & gt; Zemana Ltd.) C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe
(Zoom Video Communications, Inc. - & gt; Zoom Video Communications, Inc.) C:\Program Files (x86)\Common Files\Zoom\Support\CptService.exe

==================== Rejestr (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [SynTPEnh] = & gt; C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [4207528 2019-10-27] (Synaptics Incorporated - & gt; Synaptics Incorporated)
HKLM\...\Run: [egui] = & gt; C:\Program Files\ESET\ESET Security\ecmds.exe [164808 2021-05-04] (ESET, spol. s r.o. - & gt; ESET)
HKLM-x32\...\Run: [KeePass 2 PreLoad] = & gt; C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [3091136 2020-09-10] (Open Source Developer, Dominik Reichl - & gt; Dominik Reichl)
HKLM-x32\...\Run: [NUSB3MON] = & gt; C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation - & gt; Renesas Electronics Corporation)
HKLM\...\Policies\Explorer: [NoInstrumentation] 1
HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore: [DisableSR/DisableConfig] & lt; ==== UWAGA
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia & lt; ==== UWAGA
HKU\S-1-5-21-1903252980-1550380843-4214653748-1001\...\Run: [btweb] = & gt; C:\Users\Admin\AppData\Roaming\BitTorrent Web\btweb.exe [5539456 2020-05-07] (Jenkins Win Client Build CA - & gt; BitTorrent Inc.) [Brak podpisu cyfrowego]
HKU\S-1-5-21-1903252980-1550380843-4214653748-1001\...\Run: [Windscribe] = & gt; C:\Program Files (x86)\Windscribe\Windscribe.exe [10106544 2019-01-19] (Windscribe Limited - & gt; Windscribe Limited)
HKU\S-1-5-21-1903252980-1550380843-4214653748-1001\...\Run: [com.squirrel.slack.slack] = & gt; C:\Users\Admin\AppData\Local\slack\slack.exe [308368 2021-05-18] (Slack Technologies, Inc. - & gt; Slack Technologies Inc.)
HKU\S-1-5-21-1903252980-1550380843-4214653748-1001\...\Run: [GUDelayStartup] = & gt; C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [44360 2021-05-15] (Glarysoft LTD - & gt; Glarysoft Ltd)
HKU\S-1-5-21-1903252980-1550380843-4214653748-1001\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-21-1903252980-1550380843-4214653748-1001\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-21-1903252980-1550380843-4214653748-1001\...\Policies\Explorer: [NoViewContextMenu] 0
HKLM\...\Windows x64\Print Processors\hpcpp175: C:\Windows\System32\spool\prtprocs\x64\hpcpp175.dll [617712 2014-11-20] (Hewlett-Packard Company - & gt; Hewlett-Packard Corporation)
HKLM\...\Windows x64\Print Processors\hpcpp180: C:\Windows\System32\spool\prtprocs\x64\hpcpp180.dll [647408 2015-08-18] (Hewlett-Packard Company - & gt; Hewlett-Packard Corporation)
HKLM\...\Windows x64\Print Processors\hpcpp250: C:\Windows\System32\spool\prtprocs\x64\hpcpp250.dll [850024 2020-08-20] (HP Inc. - & gt; HP Inc.)
HKLM\...\Print\Monitors\423SeriesPCL-8 Language Monitor: C:\WINDOWS\system32\KOAYFJ_L.DLL [25600 2020-05-26] (Microsoft Windows Hardware Compatibility Publisher - & gt; KONICA MINOLTA, INC.)
HKLM\...\Print\Monitors\CutePDF Writer Monitor v4.0: C:\WINDOWS\system32\cpwmon64_v40.dll [89584 2019-10-20] (Acro Software Inc - & gt; )
HKLM\...\Print\Monitors\HP Universal Print Monitor: C:\WINDOWS\system32\HPMPW081.DLL [126704 2015-08-18] (Hewlett-Packard Company - & gt; Hewlett-Packard)
HKLM\...\Print\Monitors\HPMLM135: C:\WINDOWS\system32\hpmlm135.dll [237296 2014-11-20] (Hewlett-Packard Company - & gt; Hewlett-Packard Company)
HKLM\...\Print\Monitors\HPMLM180: C:\WINDOWS\system32\hpmlm180.dll [309488 2015-08-18] (Hewlett-Packard Company - & gt; Hewlett-Packard Company)
HKLM\...\Print\Monitors\HPMLM225: C:\WINDOWS\system32\hpmlm225.dll [315496 2020-08-20] (HP Inc. - & gt; HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] - & gt; C:\Program Files\Google\Chrome\Application\90.0.4430.212\Installer\chrmstp.exe [2021-05-12] (Google LLC - & gt; Google LLC)
BootExecute: autocheck autochk *
Policies: C:\ProgramData\NTUSER.pol: Ograniczenia & lt; ==== UWAGA
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia & lt; ==== UWAGA
HKLM\SOFTWARE\Policies\Microsoft\Edge: Ograniczenia & lt; ==== UWAGA
HKU\S-1-5-21-1903252980-1550380843-4214653748-1001\SOFTWARE\Policies\Microsoft\Edge: Ograniczenia & lt; ==== UWAGA

==================== Zaplanowane zadania (filtrowane) ============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

Task: {0DF77372-2D05-48E1-BDDD-E320DB7F026E} - System32\Tasks\TrackerAutoUpdate = & gt; C:\Program Files\Tracker Software\Update\TrackerUpdate.exe [4475136 2018-12-13] (Tracker Software Products (Canada) Ltd. - & gt; Tracker Software Products (Canada) Ltd.)
Task: {5193896C-8276-4505-8B11-45B30E04A35B} - System32\Tasks\Kerish Doctor = & gt; C:\Program Files (x86)\Kerish Doctor\KerishDoctor.exe [4230544 2021-04-01] (OOO AMA - & gt; Kerish Products)
Task: {5790B2CE-2D0C-46D4-8BD1-DF48753B9760} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup = & gt; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-14] (Microsoft Windows Publisher - & gt; Microsoft Corporation)
Task: {5D200FE0-4215-4C5D-AC67-D04C98BEB682} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification = & gt; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-14] (Microsoft Windows Publisher - & gt; Microsoft Corporation)
Task: {6724A51B-C56C-4D98-8D04-14726CBB509C} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB = & gt; C:\Program Files\Mozilla Firefox\default-browser-agent.exe [696304 2021-05-04] (Mozilla Corporation - & gt; Mozilla Foundation)
Task: {6E5BAFA3-FD63-473F-AD87-2450AC04AEED} - System32\Tasks\AMHelper = & gt; C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [682008 2021-03-30] (Zemana D.O.O. Sarajevo - & gt; Zemana Ltd.)
Task: {8CF709A9-902A-4A57-A0C3-4EEEB5099083} - System32\Tasks\WiseCleaner\WDCSkipUAC = & gt; C:\Program Files (x86)\Wise\Wise Disk Cleaner\WiseDiskCleaner.exe [8776024 2021-03-09] (Lespeed Technology Co., Ltd - & gt; WiseCleaner.com)
Task: {9B96D0EB-33D6-4603-B959-AF7A0B2B8230} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan = & gt; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-14] (Microsoft Windows Publisher - & gt; Microsoft Corporation)
Task: {AF5D0C79-D332-43DE-9268-7910A1982CC4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance = & gt; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-14] (Microsoft Windows Publisher - & gt; Microsoft Corporation)
Task: {BAB0DFA6-35CB-4863-A68F-D0F0E395F9ED} - System32\Tasks\TVT\TVSUUpdateTask = & gt; C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758224 2021-02-22] (Lenovo - & gt; )
Task: {C5B2E2C5-A73C-47E4-821B-02CB72BFF6D3} - System32\Tasks\Lenovo\Power Manager\Uninstall task = & gt; C:\WINDOWS\SysWOW64\PowerMgrInst.exe [62152 2020-12-20] (Lenovo - & gt; )
Task: {C9B41B65-3C11-4BE9-8040-4B8CA8D3ED39} - System32\Tasks\Lenovo\Power Manager\Background monitor = & gt; C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe [112840 2020-12-20] (Lenovo - & gt; Lenovo)
Task: {D77BB635-D424-435F-894D-2729F78D909E} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-1903252980-1550380843-4214653748-1001 = & gt; C:\Users\Admin\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [87384 2021-05-17] (Lenovo (Beijing) Limited - & gt; Lenovo Group Limited)
Task: {E64A4162-6514-48E7-BA9C-901BC5EF4F44} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn = & gt; C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758224 2021-02-22] (Lenovo - & gt; )
Task: {F3ECF3B5-E21F-4EA6-8471-7282FD1250A2} - System32\Tasks\Odkurzacz = & gt; C:\Program Files (x86)\Odkurzacz\odkurzacz.exe [1069056 2020-06-03] (FranmoSoftware) [Brak podpisu cyfrowego]
Task: {F4246400-1C09-41CB-9866-01840DF13AA0} - System32\Tasks\CreateExplorerShellUnelevatedTask = & gt; C:\WINDOWS\explorer.exe /NoUACCheck
Task: {FFAB7AD6-77B0-4FDA-87B8-984FB561D6D2} - System32\Tasks\GU5SkipUAC = & gt; C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [917832 2021-05-15] (Glarysoft LTD - & gt; Glarysoft Ltd)

(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)

Task: C:\WINDOWS\Tasks\Kerish Doctor.job = & gt; C:\Program Files (x86)\Kerish Doctor\KerishDoctor.exe
Task: C:\WINDOWS\Tasks\TrackerAutoUpdate.job = & gt; C:\Program Files\Tracker Software\Update\TrackerUpdate.exe-CheckUpdate(Tracker Software Products (Canada) Ltd.Kee

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{35968bc7-e498-46be-a764-d074fceda163}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d29c4448-3736-426a-a824-039a30a2cf1f}: [DhcpNameServer] 89.231.1.206 217.172.224.160

Edge:
=======
Edge Extension: (Brak nazwy) - & gt; AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 = & gt; C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nie znaleziono]
Edge Extension: (Brak nazwy) - & gt; BookReader_B171F20233094AC88D05A8EF7B9763E8 = & gt; C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nie znaleziono]
Edge Extension: (Brak nazwy) - & gt; LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 = & gt; C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nie znaleziono]
Edge Extension: (Brak nazwy) - & gt; PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 = & gt; C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nie znaleziono]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default [2021-05-21]
Edge Extension: (IBM Security Rapport) - C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kajikgogckeajjplomldcempamhidmcc [2021-03-15]
Edge HKLM-x32\...\Edge\Extension: [kajikgogckeajjplomldcempamhidmcc]

FireFox:
========
FF DefaultProfile: 9gh6whdp.default
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9gh6whdp.default [2020-09-07]
FF Extension: (IBM Security Rapport) - C:\Users\Admin\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\rapportext@trusteer.com.xpi [2020-11-13] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx]
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kvkq7iiz.default-release-1603342386050 [2021-05-21]
FF Extension: (Disable HTML5 Autoplay) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kvkq7iiz.default-release-1603342386050\Extensions\disable-html5-autoplay@afnankhan.xpi [2021-04-26]
FF Extension: (Ghostery – Bloker reklam chroniący prywatność) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kvkq7iiz.default-release-1603342386050\Extensions\firefox@ghostery.com.xpi [2021-03-03]
FF Extension: (Forecastfox (fix version)) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kvkq7iiz.default-release-1603342386050\Extensions\forecastfox@s3_fix_version.xpi [2020-11-24]
FF Extension: (HTTPS Everywhere) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kvkq7iiz.default-release-1603342386050\Extensions\https-everywhere@eff.org.xpi [2021-04-26]
FF Extension: (Privacy Badger) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kvkq7iiz.default-release-1603342386050\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2021-02-03]
FF Extension: (IBM Security Rapport) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kvkq7iiz.default-release-1603342386050\Extensions\rapportext@trusteer.com.xpi [2020-10-22] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx]
FF Extension: (uBlock Origin) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kvkq7iiz.default-release-1603342386050\Extensions\uBlock0@raymondhill.net.xpi [2021-05-06]
FF Extension: (Bitwarden - darmowy menedżer haseł) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kvkq7iiz.default-release-1603342386050\Extensions\{446900e4-71c2-419f-a6a7-df9c091e268b}.xpi [2021-05-14]
FF Extension: (Video DownloadHelper) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kvkq7iiz.default-release-1603342386050\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2020-12-17]
FF Plugin: @adobe.com/FlashPlayer - & gt; C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_414.dll [2020-09-03] (Adobe Inc. - & gt; )
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - & gt; C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. - & gt; Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=11.281.2 - & gt; C:\Program Files\Java\jre1.8.0_281\bin\dtplugin\npDeployJava1.dll [2021-04-15] (Oracle America, Inc. - & gt; Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.281.2 - & gt; C:\Program Files\Java\jre1.8.0_281\bin\plugin2\npjp2.dll [2021-04-15] (Oracle America, Inc. - & gt; Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - & gt; C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_414.dll [2020-09-03] (Adobe Inc. - & gt; )
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - & gt; C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. - & gt; Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1903252980-1550380843-4214653748-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - & gt; C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. - & gt; Tracker Software Products (Canada) Ltd.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2021-05-21]

Chrome:
=======
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default [2021-05-21]
CHR Notifications: Default - & gt; hxxps://calendar.google.com; hxxps://meet.google.com
CHR HomePage: Default - & gt; hxxp://msn.gazeta.pl/msn/0,0.html?pc=UP97 & ocid=UP97DHP
CHR StartupUrls: Default - & gt; " hxxp://google.com/ "
CHR Extension: (IBM Security Rapport) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2021-02-22]
CHR Extension: (award.flights AwardFinder) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkmdpdpnihcmgndoolimdhfmljfpgnif [2020-10-19]
CHR Extension: (Disable HTML5 Autoplay) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\efdhoaajjjgckpbkoglidkeendpkolai [2020-10-19]
CHR Extension: (Video Downloader professional) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2020-10-19]
CHR Extension: (Free VPN ZenMate - Darmowy VPN Chrome) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2021-03-23]
CHR Extension: (I don't care about cookies) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2021-04-21]
CHR Extension: (HTTPS Everywhere) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2021-04-21]
CHR Extension: (AdBlock — najlepszy bloker reklam) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-05-06]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2021-05-21]
CHR Extension: (Ghostery – Bloker reklam chroniący prywatność) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2021-03-01]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-01]
CHR Extension: (ScriptSafe) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiigbmnaadbkfbmpbfijlflahbdbdgdf [2020-10-19]
CHR Extension: (Simple EPUB Reader) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojhbgcchcbdjdenibfmjofobklkkhofc [2020-10-19]
CHR Extension: (Chrome Media Router) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-22]
CHR HKU\S-1-5-21-1903252980-1550380843-4214653748-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof]
CHR HKU\S-1-5-21-1903252980-1550380843-4214653748-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof]
CHR HKU\S-1-5-21-1903252980-1550380843-4214653748-1007\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof]

==================== Usługi (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2954416 2021-05-04] (ESET, spol. s r.o. - & gt; ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2954416 2021-05-04] (ESET, spol. s r.o. - & gt; ESET)
R2 GUBootService; C:\Program Files (x86)\Glary Utilities 5\GUBootService.exe [865608 2021-05-15] (Glarysoft LTD - & gt; Glarysoft Ltd)
S2 LPlatSvc; C:\WINDOWS\System32\LPlatSvc.exe [892288 2019-12-11] (Lenovo - & gt; Lenovo.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7391408 2021-05-21] (Malwarebytes Inc - & gt; Malwarebytes)
R2 MSSQL$ELISOFT; C:\Program Files (x86)\Microsoft SQL Server\MSSQL11.ELISOFT\MSSQL\Binn\sqlservr.exe [163008 2015-10-20] (Microsoft Corporation - & gt; Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2019-02-01] (HP Inc.) [Brak podpisu cyfrowego]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2019-02-01] (HP Inc.) [Brak podpisu cyfrowego]
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [3008896 2020-08-18] (IBM - & gt; IBM Corp.)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2009-10-20] (CACE Technologies, Inc. - & gt; CACE Technologies, Inc.)
S4 SQLAgent$ELISOFT; C:\Program Files (x86)\Microsoft SQL Server\MSSQL11.ELISOFT\MSSQL\Binn\SQLAGENT.EXE [448704 2015-10-20] (Microsoft Corporation - & gt; Microsoft Corporation)
R2 TPHKLOAD; C:\WINDOWS\System32\DriverStore\FileRepository\fn.inf_amd64_700aca387f1cbd51\driver\TPHKLOAD.exe [465200 2020-12-28] (Lenovo - & gt; Lenovo Group Limited)
R2 WindscribeService; C:\Program Files (x86)\Windscribe\WindscribeService.exe [493232 2019-01-19] (Windscribe Limited - & gt; Windscribe Limited)
S2 wuauserv; C:\WINDOWS\system32\svchost.exe [57360 2020-10-16] (Microsoft Windows Publisher - & gt; Microsoft Corporation) & lt; ==== UWAGA (Brak ServiceDLL)
S2 wuauserv; C:\WINDOWS\SysWOW64\svchost.exe [47016 2020-10-16] (Microsoft Windows Publisher - & gt; Microsoft Corporation) & lt; ==== UWAGA (Brak ServiceDLL)
S2 moohelp; C:\Program Files (x86)\The Cleaner\mhelper.exe [X]
R2 ZoomCptService; " C:\Program Files (x86)\Common Files\Zoom\Support\CptService.exe " -user_path " C:\Users\Admin\AppData\Roaming\Zoom "

===================== Sterowniki (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R1 amsdk; C:\WINDOWS\system32\drivers\amsdk.sys [232792 2021-05-21] (Zemana D.O.O. Sarajevo - & gt; Copyright 2018.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. - & gt; Samsung Electronics Co., Ltd.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [169400 2021-05-04] (ESET, spol. s r.o. - & gt; ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15824 2021-05-04] (Microsoft Windows Early Launch Anti-malware Publisher - & gt; ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [192624 2021-05-04] (ESET, spol. s r.o. - & gt; ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [107400 2021-05-04] (ESET, spol. s r.o. - & gt; ESET)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [199128 2021-05-21] (Malwarebytes Inc - & gt; Malwarebytes)
R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [30720 2021-05-21] (Microsoft Windows Hardware Compatibility Publisher - & gt; Glarysoft Ltd)
S3 HPEWSFXBULK; C:\WINDOWS\system32\drivers\hpfx64bulk.sys [29200 2017-03-17] (Hewlett-Packard Company - & gt; Hewlett Packard)
R2 inpoutx64; C:\WINDOWS\System32\Drivers\inpoutx64.sys [15008 2020-04-16] (Red Fox UK Limited - & gt; Highresolution Enterprises [www.highrez.co.uk])
S3 ldiagio; C:\Program Files (x86)\Lenovo\ldiagx64\ldiagio.sys [39048 2019-08-10] (Lenovo - & gt; Lenovo Group Limited (R))
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-05-21] (Malwarebytes Inc - & gt; Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-05-21] (Microsoft Windows Early Launch Anti-malware Publisher - & gt; Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198888 2021-05-21] (Malwarebytes Inc - & gt; Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-05-21] (Malwarebytes Inc - & gt; Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-05-21] (Malwarebytes Inc - & gt; Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [157944 2021-05-21] (Malwarebytes Inc - & gt; Malwarebytes)
S3 MpKsl29b99816; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{97079A05-39A8-4457-B996-BE4CF3810D95}\MpKslDrv.sys [107744 2021-05-20] (Microsoft Windows - & gt; Microsoft Corporation)
R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [47632 2009-10-20] (CACE Technologies, Inc. - & gt; CACE Technologies, Inc.)
S3 pelmouse; C:\WINDOWS\System32\drivers\pelmouse.sys [26880 2016-07-11] (WDKTestCert idd,131110062695071623 - & gt; TPMX Electronics Ltd.)
S3 pelusblf; C:\WINDOWS\System32\drivers\pelusblf.sys [33048 2016-07-11] (WDKTestCert idd,131110062695071623 - & gt; )
S3 pelvendr; C:\WINDOWS\System32\drivers\pelvendr.sys [15032 2016-07-11] (WDKTestCert idd,131110062695071623 - & gt; TPMX Electronics Ltd.)
S3 phidmice; C:\WINDOWS\System32\drivers\phidmice.sys [33048 2016-07-11] (WDKTestCert idd,131110062695071623 - & gt; )
R0 PMDRVS; C:\WINDOWS\System32\drivers\pmdrvs.sys [38160 2019-12-11] (Lenovo - & gt; Lenovo.)
S3 pmouself; C:\WINDOWS\System32\drivers\pmouself.sys [26880 2016-07-11] (WDKTestCert idd,131110062695071623 - & gt; TPMX Electronics Ltd.)
S3 pvendrlf; C:\WINDOWS\System32\drivers\pvendrlf.sys [15032 2016-07-11] (WDKTestCert idd,131110062695071623 - & gt; TPMX Electronics Ltd.)
R1 RapportAegle64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys [450240 2020-08-18] (IBM - & gt; IBM Corp.)
R1 RapportCerberus_2004080; c:\programdata\trusteer\rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_2004080.sys [1460480 2020-11-16] (IBM - & gt; IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [546056 2020-08-18] (IBM - & gt; IBM Corp.)
R0 RapportHades64; C:\WINDOWS\System32\Drivers\RapportHades64.sys [398984 2020-08-18] (IBM - & gt; IBM Corp.)
R0 RapportKE64; C:\WINDOWS\System32\Drivers\RapportKE64.sys [448904 2020-08-18] (IBM - & gt; IBM Corp.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [564928 2020-08-18] (IBM - & gt; IBM Corp.)
R3 risdxc; C:\WINDOWS\System32\drivers\risdxc64.sys [106496 2020-04-15] (Microsoft Windows Hardware Compatibility Publisher - & gt; REDC)
R3 SrvHsfHDA; C:\WINDOWS\system32\DRIVERS\VSTAZL6.SYS [292864 2019-12-07] (Microsoft Windows - & gt; Conexant Systems, Inc.)
R3 SrvHsfV92; C:\WINDOWS\system32\DRIVERS\VSTDPV6.SYS [1485312 2019-12-07] (Microsoft Windows - & gt; Conexant Systems, Inc.)
R3 SrvHsfWinac; C:\WINDOWS\system32\DRIVERS\VSTCNXT6.SYS [740864 2019-12-07] (Microsoft Windows - & gt; Conexant Systems, Inc.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. - & gt; Samsung Electronics Co., Ltd.)
R3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [54896 2018-07-06] (Windscribe Limited - & gt; The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-05-14] (Microsoft Windows Early Launch Anti-malware Publisher - & gt; Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [73960 2021-05-14] (Microsoft Windows - & gt; Microsoft Corporation)
S3 CV2K1; \SystemRoot\system32\DRIVERS\cv2k1.sys [X]
U4 DiagTrack; Brak ImagePath
U4 dmwappushservice; Brak ImagePath
S1 UimBus; \SystemRoot\System32\drivers\uimbus.sys [X]
S1 Uim_DEVIM; \SystemRoot\System32\drivers\uimdevim.sys [X]

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)


==================== Jeden miesiąc (utworzone) (filtrowane) =========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2021-05-21 15:23 - 2021-05-21 15:32 - 000000000 ____D C:\FRST
2021-05-21 15:15 - 2021-05-21 15:32 - 000000000 ___HD C:\$GetCurrent
2021-05-21 14:38 - 2021-05-21 15:32 - 000000000 ____D C:\Windows10Upgrade
2021-05-21 13:09 - 2021-05-21 15:32 - 000213620 _____ C:\WINDOWS\ZAM.krnl.trace
2021-05-21 13:09 - 2021-05-21 13:09 - 000008192 ___SH C:\DumpStack.log.tmp
2021-05-21 12:15 - 2021-05-21 13:55 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\226355F6.sys
2021-05-21 12:09 - 2021-05-21 12:09 - 000000828 _____ C:\Users\Admin\Dropbox\Mój komputer (DESKTOP-I5NNCB4)\Documents\hosts.txt
2021-05-21 11:09 - 2021-05-21 11:09 - 000232792 _____ (Copyright 2018.) C:\WINDOWS\system32\Drivers\amsdk.sys
2021-05-21 11:09 - 2021-05-21 11:09 - 000003548 _____ C:\WINDOWS\system32\Tasks\AMHelper
2021-05-21 11:09 - 2021-05-21 11:09 - 000001337 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2021-05-21 11:09 - 2021-05-21 11:09 - 000000000 ____D C:\Users\Admin\AppData\Local\Zemana
2021-05-21 11:09 - 2021-05-21 11:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2021-05-21 11:09 - 2021-05-21 11:09 - 000000000 ____D C:\Program Files (x86)\Zemana
2021-05-21 11:07 - 2021-05-21 11:07 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-05-21 11:07 - 2021-05-21 11:07 - 000198888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-05-21 11:07 - 2021-05-21 11:07 - 000157944 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-05-21 11:07 - 2021-05-21 11:07 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-05-21 10:26 - 2021-05-21 10:26 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-05-21 10:02 - 2021-05-21 10:02 - 000000000 ____D C:\ProgramData\Emsisoft
2021-05-21 09:52 - 2021-05-21 09:52 - 000000266 __RSH C:\ProgramData\ntuser.pol
2021-05-21 09:35 - 2021-05-21 13:32 - 000000000 ____D C:\Users\Admin\AppData\Local\AMSDK
2021-05-21 09:22 - 2021-05-21 09:22 - 000000000 ____D C:\Users\Admin\AppData\Local\mbam
2021-05-21 09:21 - 2021-05-21 10:26 - 000002041 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-05-21 09:21 - 2021-05-21 10:26 - 000002029 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-05-21 09:21 - 2021-05-21 09:21 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-05-21 09:21 - 2021-05-21 09:21 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-05-21 09:20 - 2021-05-21 09:20 - 000000000 ____D C:\Program Files\Malwarebytes
2021-05-21 08:41 - 2021-05-21 08:41 - 000001140 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2021-05-21 08:41 - 2021-05-21 08:41 - 000000000 ____D C:\Users\Admin\AppData\Local\VS Revo Group
2021-05-21 08:41 - 2021-05-21 08:41 - 000000000 ____D C:\ProgramData\VS Revo Group
2021-05-21 08:41 - 2021-05-21 08:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2021-05-21 08:41 - 2021-05-21 08:41 - 000000000 ____D C:\Program Files\VS Revo Group
2021-05-21 08:41 - 2020-10-14 04:07 - 000038400 _____ (VS Revo Group) C:\WINDOWS\system32\Drivers\revoflt.sys
2021-05-21 08:01 - 2021-05-21 14:10 - 000513361 _____ C:\Users\Admin\Dropbox\Mój komputer (DESKTOP-I5NNCB4)\Documents\trojan.odt
2021-05-21 07:44 - 2021-05-21 07:44 - 050069504 _____ C:\WINDOWS\system32\C_32770.NLS
2021-05-21 07:44 - 2021-05-21 07:44 - 000000000 ____D C:\WINDOWS\Panther
2021-05-21 07:43 - 2021-05-21 11:06 - 050069504 _____ C:\WINDOWS\system32\config\SYSTEM
2021-05-21 07:15 - 2021-05-21 07:15 - 000000000 ____D C:\Users\SOLIDUM\AppData\Roaming\GlarySoft
2021-05-21 07:14 - 2021-05-21 07:14 - 000000000 ____D C:\ProgramData\Glarysoft
2021-05-21 07:11 - 2021-05-21 07:59 - 000000000 ____D C:\Program Files (x86)\Glary Utilities 5
2021-05-21 07:11 - 2021-05-21 07:11 - 000030720 _____ (Glarysoft Ltd) C:\WINDOWS\system32\Drivers\GUBootStartup.sys
2021-05-21 07:11 - 2021-05-21 07:11 - 000003032 _____ C:\WINDOWS\system32\Tasks\GU5SkipUAC
2021-05-21 07:11 - 2021-05-21 07:11 - 000001175 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2021-05-21 07:11 - 2021-05-21 07:11 - 000001163 _____ C:\Users\Public\Desktop\Glary Utilities 5.lnk
2021-05-21 07:11 - 2021-05-21 07:11 - 000000000 ____D C:\Users\Admin\AppData\Roaming\GlarySoft
2021-05-21 07:11 - 2021-05-21 07:11 - 000000000 ____D C:\Users\Admin\AppData\Roaming\DiskDefrag
2021-05-21 07:11 - 2021-05-21 07:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2021-05-20 22:43 - 2021-05-21 14:39 - 000000751 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asystent aktualizacji do systemu Windows 10.lnk
2021-05-20 16:11 - 2021-05-20 16:11 - 000000000 ____D C:\zosia foto
2021-05-20 11:25 - 2021-05-20 12:33 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\29214705.sys
2021-05-20 09:54 - 2021-05-20 09:54 - 000000000 ____D C:\Users\koza\AppData\Roaming\Thunderbird
2021-05-20 09:54 - 2021-05-20 09:54 - 000000000 ____D C:\Users\koza\AppData\LocalLow\Mozilla
2021-05-20 09:54 - 2021-05-20 09:54 - 000000000 ____D C:\Users\koza\AppData\Local\Thunderbird
2021-05-20 09:34 - 2021-05-20 09:34 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-05-20 09:32 - 2021-05-21 09:21 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-05-20 09:32 - 2021-05-20 09:32 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\6622A185.sys
2021-05-20 09:31 - 2021-05-21 14:57 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2021-05-20 08:19 - 2021-05-20 08:20 - 000018736 _____ C:\TDSSKiller.3.1.0.28_20.05.2021_08.19.32_log.txt
2021-05-20 07:36 - 2021-05-20 07:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2021-05-20 07:36 - 2021-05-20 07:36 - 000000000 ____D C:\ProgramData\ESET
2021-05-20 07:36 - 2021-05-20 07:36 - 000000000 ____D C:\Program Files\ESET
2021-05-20 06:47 - 2021-05-20 06:55 - 000000000 ____D C:\AdwCleaner
2021-05-20 06:44 - 2021-05-20 06:44 - 000000400 _____ C:\WINDOWS\Tasks\Kerish Doctor.job
2021-05-20 06:38 - 2021-05-20 06:38 - 000000000 ____D C:\ProgramData\DTTSKBJ69ZL8TIMUWZRD7DWND
2021-05-20 06:37 - 2021-05-20 07:40 - 000000000 ____D C:\Users\Admin\Dropbox\Mój komputer (DESKTOP-I5NNCB4)\Documents\VlcpVideoV1.0.1
2021-05-20 06:37 - 2021-05-20 06:38 - 000000000 ____D C:\ProgramData\FD0PMN7XX8AVHCG7RC5HDJJVD
2021-05-20 06:37 - 2021-05-20 06:37 - 000000000 ____D C:\Users\Admin\AppData\Local\NetSupport
2021-05-20 06:37 - 2021-05-20 06:37 - 000000000 ____D C:\Users\Admin\AppData\Local\AdvinstAnalytics
2021-05-20 06:37 - 2021-05-15 04:21 - 000000000 ___HD C:\Users\Admin\AppData\Roaming\WinSupport
2021-05-20 06:36 - 2021-05-20 07:54 - 000000000 ____D C:\WINDOWS\PublicGaming
2021-05-20 06:36 - 2021-05-20 06:49 - 000000000 ____D C:\Program Files (x86)\Data Finder
2021-05-20 06:27 - 2021-05-20 07:10 - 000000000 ____D C:\foto rescue
2021-05-19 12:16 - 2021-05-21 15:33 - 000000000 ____D C:\Users\Admin\AppData\Roaming\AIMP
2021-05-19 12:16 - 2021-05-21 11:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP
2021-05-19 12:16 - 2021-05-21 11:57 - 000000000 ____D C:\Program Files (x86)\AIMP
2021-05-19 12:16 - 2021-05-19 12:16 - 000000968 _____ C:\Users\Public\Desktop\AIMP.lnk
2021-05-19 08:29 - 2021-05-19 08:29 - 000000000 ___HD C:\$Windows.~WS
2021-05-18 07:08 - 2021-05-20 09:54 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2021-05-17 09:28 - 2021-05-17 09:28 - 000576089 _____ C:\WINDOWS\Packet.KTL
2021-05-17 09:28 - 2021-05-17 09:28 - 000426022 _____ C:\WINDOWS\ProcessedPackets.KTL
2021-05-17 09:28 - 2021-05-17 09:28 - 000288088 _____ C:\WINDOWS\Control.KTL
2021-05-17 09:28 - 2021-05-17 09:28 - 000039341 _____ C:\WINDOWS\SentOSPackets.KTL
2021-05-17 09:28 - 2021-05-17 09:28 - 000002342 _____ C:\WINDOWS\NGIControl.KTL
2021-05-14 07:36 - 2021-05-14 07:36 - 000000000 ____D C:\Users\Admin\.android
2021-05-13 20:45 - 2021-05-13 20:45 - 000011351 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-05-13 10:36 - 2021-05-13 10:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskMark8
2021-05-13 10:36 - 2021-05-13 10:36 - 000000000 ____D C:\Program Files\CrystalDiskMark8
2021-05-12 16:40 - 2021-05-12 16:40 - 000003646 _____ C:\WINDOWS\system32\Tasks\CreateExplorerShellUnelevatedTask
2021-05-12 10:13 - 2021-05-12 10:13 - 000001158 _____ C:\Users\Public\Desktop\OpenOffice 4.1.10.lnk
2021-05-12 10:13 - 2021-05-12 10:13 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.10
2021-05-12 10:07 - 2021-05-12 10:07 - 000001171 _____ C:\Users\Public\Desktop\LibreOffice 7.1.lnk
2021-05-12 10:07 - 2021-05-12 10:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.1
2021-05-07 18:18 - 2021-05-07 18:18 - 000000000 ____D C:\Users\Admin\AppData\LocalLow\Google
2021-05-06 19:45 - 2021-05-20 09:35 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-05-05 15:12 - 2020-08-20 18:35 - 000578152 _____ (HP Inc.) C:\WINDOWS\system32\hpcpn250.dll
2021-05-05 15:12 - 2020-08-20 18:35 - 000540776 _____ (HP Inc.) C:\WINDOWS\SysWOW64\hpcc3250.dll
2021-05-05 15:12 - 2020-08-20 18:35 - 000315496 _____ (HP Inc.) C:\WINDOWS\system32\hpmlm225.dll
2021-05-05 15:12 - 2020-08-20 18:35 - 000264808 _____ (HP Inc.) C:\WINDOWS\system32\hpmml250.dll
2021-05-05 15:12 - 2020-08-20 18:35 - 000241768 _____ (HP Inc.) C:\WINDOWS\system32\hpmja250.dll
2021-05-05 15:12 - 2020-08-20 18:35 - 000229480 _____ (HP Inc.) C:\WINDOWS\system32\hpmpm082.dll
2021-05-05 15:12 - 2020-08-20 18:35 - 000203880 _____ (HP Inc.) C:\WINDOWS\system32\hpmtp250.dll
2021-05-05 15:12 - 2020-08-20 18:35 - 000178280 _____ (HP Inc.) C:\WINDOWS\system32\hpcjpm.dll
2021-05-05 15:12 - 2020-08-20 18:35 - 000127592 _____ (HP Inc.) C:\WINDOWS\system32\hpmpw082.dll
2021-05-04 13:13 - 2021-05-04 13:13 - 000192624 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2021-05-04 13:13 - 2021-05-04 13:13 - 000169400 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2021-05-04 13:13 - 2021-05-04 13:13 - 000107400 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2021-05-04 09:56 - 2021-05-04 09:56 - 000015824 _____ (ESET) C:\WINDOWS\system32\Drivers\eelam.sys
2021-04-30 12:59 - 2021-04-30 12:59 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-04-30 12:59 - 2021-04-30 12:59 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-04-30 12:59 - 2021-04-30 12:59 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
2021-04-30 12:59 - 2021-04-30 12:59 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-04-30 12:59 - 2021-04-30 12:59 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-04-30 12:59 - 2021-04-30 12:59 - 000157184 _____ C:\WINDOWS\system32\uwfcsp.dll
2021-04-30 12:59 - 2021-04-30 12:59 - 000153600 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll
2021-04-30 12:58 - 2021-04-30 12:58 - 001823816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-04-30 12:58 - 2021-04-30 12:58 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-04-30 12:58 - 2021-04-30 12:58 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-04-30 12:58 - 2021-04-30 12:58 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-04-30 12:58 - 2021-04-30 12:58 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-04-30 12:58 - 2021-04-30 12:58 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-04-26 14:25 - 2021-04-26 14:25 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2021-04-26 14:25 - 2021-04-26 14:25 - 000000000 ____D C:\Program Files\Reference Assemblies
2021-04-26 14:25 - 2021-04-26 14:25 - 000000000 ____D C:\Program Files\MSBuild
2021-04-26 14:25 - 2021-04-26 14:25 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2021-04-26 14:25 - 2021-04-26 14:25 - 000000000 ____D C:\Program Files (x86)\MSBuild
2021-04-26 06:34 - 2021-05-18 06:08 - 000000000 ____D C:\Users\Admin\AppData\Local\slack
2021-04-25 14:39 - 2021-04-25 14:39 - 000000000 ____D C:\Users\Admin\AppData\Local\Tvsukernel
2021-04-25 14:36 - 2021-04-25 14:36 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_ldiagio_01009.Wdf
2021-04-25 14:34 - 2021-04-25 14:36 - 000000000 ____D C:\Program Files (x86)\Lenovo
2021-04-25 14:34 - 2021-04-25 14:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\lenovo
2021-04-21 20:28 - 2014-11-20 08:14 - 000237296 _____ (Hewlett-Packard Company) C:\WINDOWS\system32\hpmlm135.dll
2021-04-21 20:28 - 2014-11-20 08:14 - 000162032 _____ (Hewlett-Packard) C:\WINDOWS\system32\hpmtp175.dll
2021-04-21 20:28 - 2014-11-20 08:13 - 000217328 _____ (Hewlett-Packard) C:\WINDOWS\system32\hpmml175.dll
2021-04-21 20:28 - 2014-11-20 08:13 - 000200432 _____ (Hewlett-Packard) C:\WINDOWS\system32\hpmja175.dll
2021-04-21 20:28 - 2014-11-20 08:11 - 000457456 _____ (Hewlett-Packard Corporation) C:\WINDOWS\system32\hpcpn175.dll
2021-04-21 20:28 - 2014-11-20 08:07 - 000452336 _____ (Hewlett Packard Corporation) C:\WINDOWS\SysWOW64\hpcc3175.dll
2021-04-21 20:17 - 2021-05-05 15:11 - 000000000 ____D C:\HP Universal Print Driver

==================== Jeden miesiąc (zmodyfikowane) ==================

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2021-05-21 15:28 - 2020-05-04 19:47 - 000000000 ____D C:\ProgramData\Mozilla
2021-05-21 14:53 - 2020-10-20 06:31 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Slack
2021-05-21 14:46 - 2020-10-17 07:07 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Wise Disk Cleaner
2021-05-21 14:41 - 2020-12-30 20:19 - 000000000 ____D C:\WINDOWS\Minidump
2021-05-21 14:41 - 2020-04-16 00:06 - 000000000 ____D C:\Users\Admin\AppData\Local\CrashDumps
2021-05-21 14:41 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-05-21 14:39 - 2020-10-02 08:07 - 000000000 ____D C:\Program Files\Google
2021-05-21 13:32 - 2020-07-11 12:50 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-05-21 13:20 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-05-21 13:13 - 2020-07-11 12:59 - 000006328 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-05-21 13:13 - 2019-12-07 17:09 - 002200076 _____ C:\WINDOWS\system32\perfh015.dat
2021-05-21 13:13 - 2019-12-07 17:09 - 000580280 _____ C:\WINDOWS\system32\perfc015.dat
2021-05-21 13:09 - 2020-07-11 12:54 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-05-21 13:09 - 2020-07-11 09:30 - 000000000 ____D C:\Users\Admin
2021-05-21 11:06 - 2019-12-07 11:03 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2021-05-21 10:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-05-21 10:29 - 2020-07-11 09:30 - 000000000 ____D C:\Users\SOLIDUM
2021-05-21 10:10 - 2020-04-29 12:18 - 000000000 ____D C:\Programer_archiwa
2021-05-21 09:21 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-05-21 09:02 - 2020-06-04 13:11 - 000000000 ____D C:\Users\Admin\AppData\Local\ESET
2021-05-21 07:45 - 2020-07-11 01:02 - 000000000 ____D C:\Users\Admin\AppData\Local\D3DSCache
2021-05-21 07:41 - 2020-06-16 12:18 - 000000000 ____D C:\Users\Admin\AppData\Local\Slimjet
2021-05-21 07:36 - 2020-07-06 22:06 - 000000000 ____D C:\Users\Admin\Dropbox
2021-05-21 07:10 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-05-21 06:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Help
2021-05-20 22:59 - 2020-04-16 00:03 - 000000000 ____D C:\ProgramData\Package Cache
2021-05-20 22:20 - 2020-04-15 22:14 - 132732536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-05-20 22:10 - 2020-06-04 11:28 - 000000000 ____D C:\ProgramData\TEMP
2021-05-20 12:36 - 2020-04-15 23:49 - 000000000 ____D C:\Program Files\Recuva
2021-05-20 12:35 - 2020-09-11 12:06 - 000000000 _RSHD C:\ProgramData\Key-Base
2021-05-20 09:54 - 2020-09-08 11:58 - 000000000 ____D C:\Users\koza\AppData\Roaming\Mozilla
2021-05-20 09:34 - 2020-10-22 06:52 - 000000999 _____ C:\Users\Public\Desktop\Firefox.lnk
2021-05-20 09:34 - 2020-04-15 22:03 - 000001011 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-05-20 09:34 - 2020-04-15 22:03 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-05-20 08:45 - 2021-04-12 23:32 - 000000000 ____D C:\Users\SOLIDUM\AppData\Local\D3DSCache
2021-05-20 07:28 - 2020-09-08 07:09 - 000000000 ____D C:\Program Files (x86)\InstallShield Installation Information
2021-05-20 06:39 - 2019-12-07 11:03 - 049020928 _____ C:\WINDOWS\system32\config\BCD00000000
2021-05-19 13:06 - 2020-10-06 09:34 - 000018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2021-05-19 12:16 - 2020-07-23 16:21 - 000000000 ____D C:\Users\SOLIDUM\AppData\Roaming\AIMP
2021-05-19 08:30 - 2020-08-18 21:09 - 000000000 ____D C:\ESD
2021-05-19 07:41 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-05-18 07:41 - 2020-05-04 19:48 - 000001294 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2021-05-18 06:27 - 2020-06-25 11:48 - 000000000 ____D C:\Users\Admin\AppData\Roaming\ObviousIdea
2021-05-18 06:12 - 2020-06-09 08:19 - 000000000 ____D C:\Users\Admin\AppData\Local\LenovoServiceBridge
2021-05-18 06:08 - 2020-10-20 06:31 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Slack Technologies Inc
2021-05-18 06:08 - 2020-10-20 06:31 - 000000000 ____D C:\Users\Admin\AppData\Local\SquirrelTemp
2021-05-17 06:58 - 2020-08-18 22:46 - 000002450 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-05-17 06:58 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-05-14 10:51 - 2020-10-10 08:53 - 000000000 ____D C:\Users\Admin\Dropbox\Mój komputer (DESKTOP-I5NNCB4)\Documents\opony
2021-05-14 09:32 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-05-14 08:23 - 2020-04-15 12:56 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-05-14 07:42 - 2020-08-25 07:53 - 000000000 ____D C:\Users\Admin\AppData\Roaming\KSM
2021-05-13 21:55 - 2019-12-07 17:12 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-05-13 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-05-13 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-05-13 11:09 - 2020-04-15 22:14 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-05-13 10:37 - 2021-04-03 22:23 - 000000000 ____D C:\Users\Admin\AppData\Local\FluxSoftware
2021-05-12 21:23 - 2020-10-19 06:10 - 000002255 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-05-12 21:23 - 2020-10-19 06:10 - 000002214 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-05-12 10:13 - 2020-04-15 23:32 - 000000000 ____D C:\Program Files (x86)\OpenOffice 4
2021-05-12 10:07 - 2020-06-01 09:46 - 000000000 ____D C:\Program Files\LibreOffice
2021-05-12 07:18 - 2020-04-15 23:35 - 000000000 ____D C:\WINDOWS\TempInst
2021-05-12 07:17 - 2020-10-20 23:14 - 000000000 ____D C:\Program Files\Lenovo
2021-05-05 08:03 - 2020-04-20 15:47 - 000000000 ____D C:\Users\SOLIDUM\AppData\LocalLow\Mozilla
2021-05-02 21:54 - 2020-09-21 15:25 - 000001074 _____ C:\nsispromotion_log.txt
2021-05-02 21:50 - 2020-08-31 21:46 - 000000000 ____D C:\Users\Admin\AppData\Roaming\BitTorrent Web
2021-05-02 21:26 - 2020-08-31 21:47 - 000000000 ____D C:\Users\Admin\AppData\Local\BitTorrentHelper
2021-04-30 17:33 - 2020-04-15 23:52 - 000000000 ____D C:\Users\Admin\AppData\Roaming\FileZilla
2021-04-30 14:47 - 2019-12-07 17:10 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2021-04-30 14:47 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-04-30 14:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-04-30 14:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-04-30 14:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-04-30 14:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-04-30 14:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-04-30 14:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-04-30 14:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-04-30 14:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-04-30 14:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-04-30 14:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-04-30 14:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-04-30 14:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-04-30 14:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-04-30 14:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-04-30 12:22 - 2020-04-15 13:17 - 000000000 ____D C:\Users\Admin\AppData\Roaming\IObit
2021-04-29 15:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-04-29 06:33 - 2021-02-21 13:55 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-04-26 14:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2021-04-26 14:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\MUI
2021-04-26 10:54 - 2020-04-17 15:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2021-04-26 10:54 - 2020-04-17 15:34 - 000000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2021-04-26 09:49 - 2020-08-18 22:46 - 000003274 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-04-26 05:37 - 2020-08-18 22:46 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-04-25 14:36 - 2020-04-15 13:15 - 000000000 ____D C:\Users\Admin\AppData\Local\Lenovo
2021-04-25 14:34 - 2020-07-11 12:54 - 000000000 ____D C:\WINDOWS\system32\Tasks\TVT
2021-04-25 14:34 - 2020-05-19 21:26 - 000002403 _____ C:\WINDOWS\SysWOW64\InstallUtil.InstallLog
2021-04-21 11:38 - 2020-04-15 13:18 - 000000000 ____D C:\ProgramData\ProductData
2021-04-21 09:43 - 2019-12-07 17:10 - 000000000 ____D C:\WINDOWS\system32\FxsTmp

==================== Pliki w katalogu głównym wybranych folderów ========

2020-04-15 23:52 - 2020-04-15 23:52 - 000284028 _____ () C:\Users\Admin\AppData\Roaming\921_1N1I1F1S1T1I0M1F1Q2Y1I1P1B0C1F1Q1P.txt
2020-08-31 22:32 - 2020-08-31 22:32 - 000000849 _____ () C:\Users\Admin\AppData\Roaming\qnapi.ini
2020-10-10 07:40 - 2020-10-19 08:39 - 000538445 _____ () C:\Users\Admin\AppData\Roaming\SkrybotConfigDoMowyDemo.xml
2021-04-03 09:12 - 2021-04-03 09:12 - 000003190 _____ () C:\Users\Admin\AppData\Local\recently-used.xbel
2020-08-18 22:25 - 2020-08-18 22:25 - 000007605 _____ () C:\Users\Admin\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

==================== Koniec FRST.txt ========================